Wireshark mailing list archives
Re: Referer from https
From: Sake Blok <sake () euronet nl>
Date: Thu, 10 Feb 2011 09:16:05 +0100
On 10 feb 2011, at 03:06, Stephen Fisher wrote:
On Wed, Feb 09, 2011 at 03:26:22PM -0500, Maverick wrote:If a user is clicked on a link from an https site and that link isn't using ssl itself can we detect the refere information in that case.Yes, but then it isn't an "https" site and is instead an "http" site.
Funny, I would have expected this to (a "https://xxx referer in the http request), but I just tested with Firefox and whenever I follow a link on an https page to a non-https page (either on the same site or a different site), there is just no "Referer:" header. I'm not sure how other browsers are dealing with this, so I checked the RFC[1]. It states in 15.1.3: Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol. So there is your answer why you don't get the referer information. Cheers, Sake [1] http://tools.ietf.org/html/rfc2616#section-15.1.3 ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Referer from https Maverick (Feb 09)
- Re: Referer from https Stephen Fisher (Feb 09)
- Re: Referer from https Maverick (Feb 09)
- Re: Referer from https Sake Blok (Feb 10)
- Re: Referer from https Stephen Fisher (Feb 10)
- Re: Referer from https Maverick (Feb 10)
- Re: Referer from https Stephen Fisher (Feb 09)